Is Your Caching Resolver Polluting the Internet?

Duane Wessels1, 2

1

CAIDA, San Diego Supercomputer Center, University of California San Diego

2

The Measurement Factory, Inc.

Previous research has shown that most of the DNS queries
reaching the root of the hierarchy are bogus . This behavior
derives from two constraints on the system: (1) queries
that cannot be satisfied locally percolate up to the root of
the DNS; (2) some caching nameservers are behind packet
filters or firewalls that allow outgoing queries but block incoming
replies. These resolvers assume the network failure is
temporary and retransmit their queries, often aggressively.

DNS pollution may not be causing any perceivable performance problems. The root servers seem well equipped to
handle the load. Since DNS messages are small, the pollution
does not contribute significantly to the total traffic
generated by most organizations. Nonetheless, this paper
provides a few reasons why network operators should take
the time to investigate and fix these problems.